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Description 

The present invention relates to a multimedia net- 
work system for transmitting real-time communication 
type information such as television video signals, and 
storage type information such as computer files using 
at least one transmission path. 

In recent years, optical fiber networks have been 
set up in trunk communication networks, satellite com- 
munications have been put into practical applications, 
and local area networks (LANs) have increasingly been 
widespread. In order to prevent a communication con- 
tent from being leaked to a third party other than a party 
concerned in communications, it is important to consti- 
tute a network system which can attain an encryption/ 
privacy function. 

So-called information service industries that charge 
depending upon contents and amounts of information 
services via such a communication network are growing 
larger. For this reason, it is also important to simultane- 
ously record and acquire charge information for infor- 
mation services in addition to the encryption/privacy 
function. 

As a conventional information encryption/privacy 
function system, secret-key cryptosystem and public- 
key cryptosystem are known. 

For further details of these systems, see D. W. Dav- 
is, W.L. Pric, "Network Security', edited and translated 
by Tadahiro Uezono and published by Nikkei McGraw- 
Hill Co. (1986). 

These systems will be briefly described below (for 
further details, see the above reference). 

In the secret-key cryptosystem, transmission and 
reception terminals share an encryption/decryption key, 
so that information is encrypted/transmitted and de- 
crypted using this key. 

As an encryption system of this type, a large 
number of systems, e.g., a simple sum encryption/per- 
mutation encryption system, an encryption system 
called "DES" (data encryption standard) which is stand- 
ardized by U.S. Department of Commerce (National Bu- 
reau of Standard), and the like are known. 

In the secret-key system, an encryption/decryption 
key must be determined in advance between transmis- 
sion and reception terminals, and must be kept secret 
from a third party. If a third party knows this key, he or 
she can easily decrypt encrypted information. 

In contrast to this, in the public-key cryptosystem, 
a pair of different encryption and decryption keys are 
used, and an encryption key is disclosed to all the ter- 
minals. 

Each terminal has its own encryption key. A trans- 
mission terminal selects a key of a destination terminal 
from the disclosed encryption keys of the respective ter- 
minals, and encrypts and transmits information using 
the selected key. On the other hand, a reception terminal 
decrypts the received information using a decryption 
key paired with the selected key. 



In this system, since a pair of keys with which a de- 
cryption key is difficult to determine from an encryption 
key are used, even when the encryption key is dis- 
closed, a third party substantially cannot decrypt en- 
s ' crypted information. 

Since a secret-key need not be determined in ad- 
vance between transmission and reception terminals, a 
key will not be known by a third party when a key is de- 
termined in advance between transmission and recep- 
10 tion terminals. 

However, the above prior art systems suffer from 
the following drawbacks. 

In the secret-key cryptosystem, 

*s *(1) an encryption/decryption key must be deter- 
mined in advance between transmission and recep- 
tion terminals, and a key may be known to a third 
party during a communication for determining the 
encryption/decryption key; 

20 (2) even when the same key is repetitively used to 
avoid such undesirable disclosure of the key, a third 
party may find out the key upon comparison of a 
plurality of pieces of information encrypted by the 
same key; and 

25 (3) if complex encryption such as the DES is per- 
formed, the above-mentioned possibility can be re- 
duced. However, it is difficult to encrypt data having 
a large data transfer volume per unit time such as 
a digital video signal. 

30 

In the public-key cryptosystem, 
(4) it is generally difficult to perform high-speed 
encryption/decryption processing. 

Since the two encryption systems suffer from the 

35 above-mentioned drawbacks (1 ) to (4), it is convention- 
ally difficult to safely encrypt real-time communication 
type information such as a video signal which must be 
transmitted at high speed. 

A still further prior art arrangement is known from 

40 the publication "Conditional Access Broadcasting: Dat- 
acare 2: An Over-Air Enabled System For General Pur- 
pose Data Channels" by D.T Wright published in BBC 
Research Department Report, August 1 988, Tadworth, 
Surrey, UK, p. 1 - 18. Disclosed therein is a method for 

45 enciphering and scrambling of data to be transferred 
from a transmission point to a plurality of receiving 
points as, for example, in a broadcasting system. This 
method provides a multi -level key encryption system, in 
which lower level keys are sent to a decoder (receiving 

50 point) by enciphering them with a higher level key. The 
highest level key is permanent for the decoder lifetime 
and the lowest level key is changed in regular intervals 
as often as possible. Moreover, this system provides a 
specific data format containing different address blocks 

55 and corresponding key types to address messages to 
all users, to a group of users or to an individual user of 
the system and to encipher message and control blocks, 
respectively, addressed to the corresponding user cat- 
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egory. 

Thus, due to the necessity of providing different ad- 
dress blocks for addressing the transmitted data to dif- 
ferent users or groups of users, respectively, a plurality 
of key types has to be provided, depending on the des- 
tination and contents of data to be transmitted. 

It is therefore an object of the present invention to 
solve the above drawbacks and to provide a multimedia 
network system capable of encrypting and transmitting 
real-time communication type information such as a vid- 
eo signal which must be transmitted at high speed, so 
that the encrypted information cannot be easily decrypt- 
ed. 

This object is achieved by a multimedia network 
system according to claims 1 , 2 and 3, respectively, as 
well as by a data communication method for transmitting 
data from a transmitting terminal to a receiving terminal 
in a network system according to claim 9. 

More specifically, a multimedia network system for 
transmitting real-time communication type information 
such as a television video signal and storage type infor- 
mation such as a computer file using at least one trans- 
mission path, comprises secret-key encryption means 
for encrypting the real-time communication type infor- 
mation by secret-key system in which only transmitting 
and receiving terminals of the information have encryp- 
tion and decryption keys, public-key encryption means 
for encrypting the storage type information by a public- 
key system in which all the terminals commonly have 
their own encryption keys, and only a receiving terminal 
of the information has its own decryption key, and se- 
cret-key control means for causing the secret-key en- 
cryption means to change a common encryption key in 
each communication, and causing the public-key en- 
cryption means to encrypt and transmit the changed 
key. 

The system further comprises time measurement 
means for measuring an encryption or decryption time 
of a transmission terminal which performs encryption 
using a secret-key by the secret-key encryption means 
or a reception terminal which performs decryption using 
a secret-key, and charging means for calculating charge 
information in accordance with information transmission 
or reception time measured by the time measurement 
means. 

With the above arrangement, since the secret and 
public key encryption systems are selectively adopted, 
the drawbacks of the prior arts can be eliminated, and 
high-speed information can be safely encrypted and 
transmitted. 

More specifically, when real-time communication 
type information is to be encrypted, the secret-key cryp- 
tosystem which can perform high-speed encryption/de- 
cryption processing by a relatively simple encryption 
method is used. Meanwhile, when storage type informa- 
tion is to be encrypted, a communication is performed 
using the public-key cryptosystem which can reduce a 
fear of decryption by a third party although it performs 



encryption/decryption processing at low speed. 

When a secret-key for encrypting real-time commu- 
nication type information is determined in advance, a 
communication is performed using the public-key cryp- 

s tosystem used in encryption of storage type information, 
and the determined secret-key is abandoned after each 
communication. Thus, the secret-key for encrypting re- 
al-time communication type information can be prevent- 
ed from being found out by a third party, and high-speed 

io information can be safely transmitted. 

Other features and advantages of the present in- 
vention will be apparent from the following description 
taken in conjunction with the accompanying drawings, 
in which like reference characters designate the same 

is or similar parts throughout the figures thereof. 

Figs. 1 A and 1 B are block diagrams showing the 
first embodiment according to the present inven- 
tion; 

20 Fig: 2 is a schematic diagram showing a multimedia 
network system to which the first embodiment is ap- 
plied; 

Fig. 3 is a flow chart showing a schematic operation 
of the first embodiment; 
25 Fig. 4 is a diagram showing a function of a portion 
for performing encryption using a public key in Figs. 
1Aand 1B; 

Fig. 5 is a diagram showing a function of a portion 
for putting a digital signature in Figs. 1 A and 1 B; 
30 Figs. 6A and 6B are block diagrams of a meeting 
system according to the second embodiment of the 
present invention; 

Fig. 7 is a block diagram of an interface for a trans- 
mitter in the second embodiment; and 
35 Fig. 8 is a block diagram of an interface for a receiv- 
er in the second embodiment. 

An embodiment of the present invention will be de- 
scribed in detail hereinafter with reference to the accom- 
40 panying drawings. 

[First Embodiment] 

The first embodiment of the present invention will 
45 be described below with reference to Figs. 1 A to 4. 

Figs. 1 A and 1 B are block diagrams of the first em- 
bodiment of the present invention, Fig. 2 is a schematic 
diagram showing a multimedia network system to which 
the first embodiment is applied, Fig. 3 is a flow chart 
50 showing a schematic operation of the first embodiment, 
Fig. 4 is a diagram showing a function of a portion for 
performing encryption using a public-key in Figs. 1Aand 
1 B, and Fig. 5 is a diagram showing a function of a por- 
tion for putting a digital signature in Figs. 1 A and 1 B. 
55 |n Figs. 1 A and 1 B, reference numeral 1 denotes a 
first terminal for encrypting and transmitting real-time 
communication type information; 2, a second terminal 
for receiving and decrypting the encrypted real-time 
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communication type information; and 3, a transmission 
path. 

In the first terminal 1, reference numeral 101 de- 
notes a magnetic storage device for storing storage type 
information such as computer files, electronic slips, and s 
the like in the transmission terminal 1 ; 102, a digital sig- 
nature unit for putting a digital signature for, when stor- 
age type information is transmitted, certifying that the 
information is surely transmitted from the first terminal 

1 , and is not forged by a third party; 103, a public-key 10 
encryption unit for encrypting storage type information 
using a public encryption key inherent to the second ter- 
minal 2 as a destination of information; 104, a public- 
key decryption unit for decrypting storage type informa- 
tion, which is encrypted using a public encryption key is 
inherent to the first terminal 1 and is transmitted to the 
first terminal, using a secret decryption key inherent to 

the terminal 1 ; 1 05, a signature confirmation unit for con- 
firming a digital signature for certifying that the storage 
type information decrypted by the public-key decryption 20 
unit 104 is surely transmitted from the second terminal 

2, and is not forged by a third party; 106, a real-time 
communication type information generator, such as a 
TV camera 106a, a VTR 106b, and the like, for gener- 
ating digital real-time communication type information; 25 
107, a synchronization signal generator for performing 
synchronization necessary for communications be- 
tween the first and second terminals 1 and 2; 1 08, a 
clock extraction unit for extracting a clock signal from 
real-time communication type information from the real- 30 
time communication type information generator 106; 

109, a pseudo random number generator for generating 
a pseudo random number string which has a one-to-one 
correspondence with a data key given from the magnet- 
ic storage device 101 , and is synchronous with a clock 35 
signal from the clock extraction unit 1 08; 1 1 0, an EX-OR 
gate for logically EX-ORing information from the real- 
time communication type information generator 106, 
and the pseudo random number from the pseudo ran- 
dom number generator 109; 111, a charge information 40 
acquisition unit for measuring an operation state of the 
pseudo random number generator 109, and acquiring 
information associated with a charge to be paid for in- 
formation to be transmitted; and 112, a communication 
interface for transmitting information from the public-key 45 
encryption unit 1 03, and a signal from the EX-OR gate 

110, and receiving signals from the transmission path 3 
and outputting them to the public-key decryption unit 
104. 

In the second terminal 2, reference numerals 201 so 
to 205 and 21 2 denote a magnetic storage device, a dig- 
ital signature unit, a public key encryption unit, a public- 
key decryption unit, a signature confirmation unit, and a 
communication interface similar to the components 101 
to 105 and 112 in the first terminal. Reference numeral 55 
206 denotes a real-time communication type informa- 
tion processor, comprising, e.g., a CRT 206a, a VTR 
206b, a magnetic storage device 206c, and the like, for 



displaying, storing, and processing real-time communi- 
cation type information; 207, a synchronization signal 
extraction unit for extracting a synchronization signal 
generated by the synchronization signal generator 107 
from signals transmitted through the transmission path 
3; 208, a received clock extraction unit for extracting a 
clock component from transmitted signals; 209, a pseu- 
do random number generator for, when the same key 
as the pseudo random number generator 1 09 in the first 
terminal 1 as a transmitter of real-time communication 
type information is given, generating the same pseudo 
random number; and 210, an EX-OR gate for logically 
Ex-ORing information received from the communication 
interface 212 and the pseudo random number from the 
pseudo random number generator 209. 

In Fig. 2, reference numeral 11 denotes a transmit- 
ting station, corresponding to the first terminal 1 shown 
in Figs. 1 A and 1B, for providing information, and receiv- 
ing a charge forthe information; 21 Ato 21 C, 22Ato22C, 
23A to 23C, and 24A to 24C, receiving stations, having 
the same arrangement as the second terminal 2 shown 
in Figs. 1A and 1B, for receiving information from the 
transmitting station 11, and paying the charge for the 
received information; 31 , a communication satellite; 32, 
a trunk station for providing a trunk communication net- 
work using an optical fiber; 33, a communication net- 
work such as a CATV; 34, a local area network (LAN); 
341 to 344, nodes for exchanging information between 
the LAN 34 and external stations; 35, a ground station 
for performing communications between the transmit- 
ting station 11 and the communication satellite 31 ; and 
351 , and 361 to 363, antennas used in communications 
between the communication satellite and the ground 
station. 

Note that the transmission path 3 in Figs. 1A and 
1 B includes a transmission path using the ground sta- 
tion 35 and the communication satellite 31 shown in Fig. 
2, a transmission path using the trunk station 32, a trans- 
mission path using the CATV network 33, a transmission 
path using the LAN 34, and the like. 

The schematic operation of the system of this em- 
bodiment will be described below with reference to the 
flow chart shown in Fig. 3. 

In the system shown in Fig. 2, the transmitting sta- 
tion 11 provides real-time communication type informa- 
tion such as video information in accordance with re- 
quests from the receiving stations 21 A to 24C, and this 
information is transmitted to the requesting receiving 
station via the communication satellite 31 , the trunk sta- 
tion 32, the CATV network 33, or the LAN 34. The re- 
ceiving station pays the charge for this information. All 
the pieces of information excluding payment of this 
charge are transmitted through one of the transmission 
paths shown in Fig. 2, i.e., in an on-line manner between 
the transmitting station 11 and the receiving stations 
21 A to 24C. 

The network shown in Fig. 2 must take counter- 
measures against the following illegal actions (1 ) to (4). 
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(1 ) A third party taps real-time communication type 
information without paying any charge. 

(2) A third party disguises another receiving station, 
and requests and receives information. 

(3) A receiving station alters a demand electronic 
slip after it receives information. 

(4) A receiving station forges a receipt electronic 
slip without paying a charge. 

In this embodiment, in order to prevent such illegal 
actions, the transmitting station 11 as the first terminal 
1 is equipped with the public-key encryption unit 103, 
the public key decryption unit 104, and the pseudo ran- 
dom number generator 109 shown in Figs. 1A and 1B, 
and each of the receiving stations 21 A to 24C as the 
second terminals is equipped with the public-key en- 
cryption unit 203, the public-key decryption unit 204, and 
the pseudo random number generator 209. 

Therefore, a procedure from when each receiving 
station requests information until it pays a charge is as 
follows. 

In step S1 , a file (electronic slip) for ordering infor- 
mation is transmitted from a given receiving station to 
the transmitting station 11. This file is encrypted/de- 
crypted by a public- key system (to be described later) 
when it is transmitted/received. The transmitting station 
which received the file transmits real-time communica- 
tion type information according to the file to the ordering 
receiving station in step S2. The transmission informa- 
tion is encrypted/decrypted by a secret-key system, as 
will be described later. 

In step S3, the receiving station transmits an elec- 
tronic slip for confirming reception to the transmitting 
station 11 . In step S4, the transmitting station 11 trans- 
mits a charge demand electronic slip to the receiving 
station. The electronic slip is encrypted/decrypted by the 
public-key system (to be described later) when it is 
transmitted/received. 

The receiving station pays the charge using a 
means outside a network in step S5. The transmitting 
station 11 which confirmed the payment transmits a re- 
ceipt electronic slip to the ordering receiving station in 
step S6. This electronic slip is also encrypted/decrypted 
by the public-key system (to be described later) when it 
is transmitted/received. 

Information is provided and a charge is paid via the 
above-mentioned procedure. 

Encryption/decryption processing of this embodi- 
ment in the information communication sequence 
shown in Fig. 3 which has been schematically described 
above will be described in detail below 

In this embodiment, real-time communication type 
information is encrypted/decrypted by the secret-key 
system using the pseudo random number generators 
109 and 209 when it is transmitted/received. 

In contrast to this, electronic slips are encrypted by 
the public-key system using the corresponding encryp- 
tion and decryption units. 



Encryption/decryption of real-time communication 
type information by the secret-key system of this em- 
bodiment will be briefly described below. 

The transmitting station 11 of this embodiment log- 
5 ically EX-ORs a string of real-time communication type 
information to be transmitted and a pseudo random 
number string generated by the pseudo random number 
generator 109 based on a data encryption key from the 
magnetic storage device 101, thereby encrypting and 
10 transmitting the real-time communication type informa- 
tion. 

A receiving station logically EX-ORs the encrypted 
signal and a pseudo random number string which is gen- 
erated by the pseudo random number generator 209 

is based on a data encryption key from the magnetic stor- 
age device 201 and is the same as that generated by 
the pseudo random number generator 109 of the trans- 
mitting station 11, thereby decrypting the information. 
In the above description, the transmitting station 

20 and the receiving station employ the same pseudo ran- 
dom number generator. Therefore, when the same data 
encryption key is given to these generators, the same 
pseudo random number string can be generated. 
The public-key encryption/decryption system of this 

25 embodiment will be described below. 

In this embodiment, the public-key system is used 
to encrypt and transmit information request and receipt 
data, charge demand and receipt electronic slips, and 
a data encryption key in the secret-key system. 

30 When the data encryption key in the secret-key sys- 
tem which is transmitted from the transmitting station 11 
to a source receiving station in advance is encrypted 
and transmitted by the public-key cryptosystem, the key 
can be prevented from being known to a third party. The 

35 key is changed for each communication, so that an en- 
cryption pseudo random number string can be prevent- 
ed from being found out upon comparison of a plurality 
of communication texts. 

Since this embodiment employs these encryption 

40 systems, real-time communication type information 
having a high bit rate can be safely encrypted at high 
speed in real time. 

In this embodiment, in order to particularly prevent 
the above-mentioned illegal actions (2) to (4), electronic 

45 slips are encrypted/decrypted by the public- key system, 
and the terminals have a function of performing a digital 
signature and a function of confirming the digital signa- 
ture using the digital signature units 102 and 202, and 
the signature confirmation units 105 and 205 for certify- 

50 ing a transmission source simultaneously with encryp- 
tion. 

Thus, in particular, the illegal actions (2) to (4) de- 
scribed above can be effectively prevented. For this rea- 
son, when an electronic slip is forged by a third party or 
55 js altered after transmission, such forgery or alteration 
can be detected. 

The above-mentioned public-key cryptosystem and 
the digital signature function of this embodiment will be 
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described below with reference to Figs. 4 and 5. 

The public-key cryptosystem of this embodiment 
will first be described in detail with reference to Fig. 4. 

In Fig. 4, an input V represents non-encrypted in- 
formation such as an electronic slip or a data encryption 5 
key; "ke 11 , a key used for encrypting information by the 
public-key cryptosystem; "E", an encryption unit for en- 
crypting the information V using the key "ke"; "y", infor- 
mation encrypted by the encryption unit E: "kd", a key 
used for decryption; "D", a decryption unit for decrypting 10 
the encrypted information "y" using the key "kd"; "ks", 
information for determining a pair of the encryption key 
°ke' and the decryption key "kd"; and "F" and "G B , de- 
vices for respectively generating the encryption key "ke" 
and the decryption key "kd" based on the information is 
"ks". 

The information °ks" and the decryption key "kd" are 
preserved as secret information inherent to each termi- 
nal so as not be disclosed outside the terminal. In con- 
trast to this, the encryption key "ke" is disclosed to all 20 
the terminals as public information inherent to each ter- 
minal. 

In the above arrangement, a transmitting terminal 
encrypts information using the public encryption key in- 
herent to a destination terminal to which information is 2s 
to be transmitted, and transmits the encrypted informa- 
tion. The encryption key "ke" and the decryption key "kd" 
are paired. In this case, a pair of keys with which the 
decryption key "kd" cannot be presumed from the en- 
cryption key "ke" are used. Such a pair of keys are gen- 30 
erated by utilizing a function called a one way function. 

As an example of the one way function, if two rela- 
tively prime integers are represented by "p" and u q", their 
product "n" is given by (n = p-q). More specifically, V 
can be easily calculated from "p" and "q", but it is difficult 3$ 
to obtain "p" and "q" from V. By utilizing this fact, the 
above-mentioned pair of keys can be generated. 

In this embodiment, information is encrypted using 
a public encryption key, and the encrypted information 
is transmitted. The encrypted information is decrypted 40 
using a secret decryption key which cannot be pre- 
sumed from the encryption key, so that safe encryption 
transmission can be guaranteed without transmitting a 
decryption key. 

The digital signature function of this embodiment 45 
will be described in detail below with reference to Fig. 5. 

In Fig. 5, reference symbol "s" denotes a signed 
communication text. The same reference symbols de- 
note the portions having the same functions as in Fig. 
4, and a detailed description thereof will be omitted. so 

In the above arrangement, when a digital signature 
is transmitted, a transmitting terminal decrypts original 
information using its own decryption key, and transmits 
the decrypted information. A receiving terminal encrypts 
the decrypted information using a public encryption key. 55 
Since encryption and decryption have a mathematically 
inverse-functional relationship, even when the above 
operations are performed, the received and encrypted 



information can be restored to the original one before 
being subjected to decryption in the transmitting termi- 
nal. The decryption key "kd" is preserved as a secret 
method of a transmitting terminal, as described above, 
and cannot be presumed from the public encryption key 
"ke". Therefore, the receiving terminal encrypts the 
transmitted signed communication text "s" using the 
public encryption key, thereby obtaining information V 
as an original communication text. 

As a result, it can be certified that this information 
"x" is surely issued from a terminal which discloses the 
encryption key. Information forged by a third party who 
does not know a decryption key becomes one which is 
not subjected to proper encryption processing. Even if 
information is encrypted by an improper encryption key, 
a nonsense signal (information) can only be obtained. 

Detailed roles of the respective units when the 
above-mentioned processing operations are performed 
will be described below along an actual procedure. 

In the following description, a case will be exempli- 
fied wherein the receiving station 24B receives informa- 
tion from the transmitting station 11 , and pays a charge 
for the received information. The same applies to com- 
munications of other stations, as a matter of course. 

The receiving station 24B as the terminal 2 shown 
in Figs. 1A and 1B executes processing in step S1 
shown in Fig. 3. More specifically, the terminal 24B gen- 
erates an electronic slip for requesting real-time com- 
munication type information (order slip) in the magnetic 
storage device 201 . Subsequently, the digital signature 
unit 202 puts a digital signature on this electronic slip 
using a secret signature decryption key inherent to the 
receiving station 24B. Furthermore, the encryption unit 
203 encrypts the electronic slip including the digital sig- 
nature using a public encryption key inherent to the 
transmitting station 11 , and transmits the encrypted slip 
to the transmission path 3 via the communication inter- 
face 212. 

The receiving station 24B is connected to the LAN 
34 via the node 343, and the signed encrypted slip from 
the receiving station 24B is sent to the LAN 34 via the 
node 343. The encrypted slip is then sent to the trans- 
mitting station 1 1 via the nodes 344 and 341 . 

This slip is fetched in the transmitting station 11 by 
the communication interface 112. This signal is decrypt- 
ed by the public-key decryption unit 1 04 using a secret 
decryption key inherent to the transmitting station 11. 
The decrypted information includes the digital signature 
transmitted from the receiving station 24B, and the sig- 
nature confirmation unit 105 confirms the digital signa- 
ture transmitted from the receiving station 24B, thus cer- 
tifying that the electronic slip is sent from the receiving 
station 24B. This electronic slip is stored in the magnetic 
storage device 101. 

The transmitting station 11 then executes process- 
ing in step S2 shown in Fig. 3. More specifically, the sta- 
tion 11 determines a secret-key encryption data key 
used when real-time communication type information is 
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transmitted. The station 11 causes the digital signature 
unit 102 to put a signature on the data key. The public- 
key encryption unit 103 then encrypts the data key using 
a public key. The data key is transmitted to the receiving 
station 24B. The receiving station 24B decrypts the re- 
ceived signal, confirms the signature, and receives the 
data key. The station 24B sets up the pseudo random 
number generator 209 using this data key to prepare for 
reception of real-time communication type information. 
Thereafter, the receiving station 24B sends, to the trans- 
mitting station 11 , a message indicating that the station 
24B is ready for reception. 

When the transmitting station 11 receives the recep- 
tion ready message, it sets up the pseudo random 
number generator 109 using the same data key as that 
transmitted to the receiving station 24B, and thereafter, 
energizes the synchronization signal generator 107 to 
generate a synchronization signal. The station 11 then 
starts an operation of a requested device of the real-time 
communication type information generator 106, and log- 
ically EX-ORs a signal train output from this device and 
a pseudo random number string, thereby encrypting the 
signal train. The station 11 transmits the encrypted sig- 
nal train to the receiving station 24B via the communi- 
cation interface 112. In the receiving station 24B which 
received the encrypted signal train via the communica- 
tion interface 212, the synchronization signal extraction 
unit 207 detects a synchronization signal in this signal 
train to start the pseudo random number generator 209. 

The EX-OR gate 210 logically EX-ORs the encrypt- 
ed real-time communication type information from the 
transmitting station 11, and a pseudo random number 
string generated by the pseudo random number gener- 
ator 209, thereby decrypting the information. The de- 
crypted information is input to the CRT 206a, the VTR 
206b, and the like. 

The pseudo random number generators 109 and 
209 of the transmitting station 11 and the receiving sta- 
tion 24B are respectively connected to the charge infor- 
mation acquisition units 111 and 211 for measuring op- 
eration times of their own apparatuses and acquiring 
charge information. The charge information acquisition 
units 111 and 211 allow demand and payment of a 
charge corresponding to a transmitted information vol- 
ume. 

In this embodiment, since the charge information 
acquisition units 111 and 211 for measuring operation 
times of their own apparatuses and acquiring charge in- 
formation are connected, the acquired charge informa- 
tion is output to, e.g., a display, so that both the trans- 
mitting and receiving stations can grasp the charge in- 
formation. Thus, preparation for a later payment can be 
smoothly performed. 

When the acquired charge information is transmit- 
ted at the end of a communication, a future trouble can 
be prevented. 

Upon completion of transmission of the real-time 
communication type information, the receiving station 



24B executes processing in step S3 in Fig. 3. More spe- 
cifically, the station 24B puts a signature on and en- 
crypts a receipt electronic slip (reception confirmation 
slip) under the same control as described above, and 
5 sends it to the transmitting station 11 . 

The transmitting station 1 1 similarly puts a signature 
on and encrypts a charge demand electronic slip, and 
sends it to the receiving station 24B in step S4 in Fig. 3. 

The receiving station 24B pays the charge to the 
f 0 transmitting station 1 1 via a bank or by another method 
in step S5. 

The transmitting station 11 puts a signature on and 
encrypts a receipt electronic slip, and sends it to the re- 
ceiving station 24B in step S6, thus completing a unit of 
*5 information service transaction. 

As described above, since this embodiment exe- 
cutes the above-mentioned procedure, real-time com- 
munication type information can be safely encrypted 
and transmitted at high speed in real time while an en- 
20 cryption key is prevented from being known to or pre- 
sumed by a third party. In addition, electronic slips can 
be prevented from being forged or altered. 

Since all the communication texts are encrypted, a 
third party cannot know contents of information transac- 
ts tions. Therefore, not only contents but also the pres- 
ence/absence of communications can be kept secret. 

[Another Embodiment] 

30 The present invention is not limited to the encryp- 
tion/decryption processing in the above-mentioned sys- 
tem, and is not limited to the arrangement and control 
of the above embodiment, either. The encryption/de- 
cryption processing of the present invention is applica- 

35 ble to various other data transmission systems. 

The second embodiment of the present invention in 
which the present invention is applied to another system 
will be described below with reference to Figs. 6A to 8. 
In recent years, a meeting system utilizing a net- 

40 work, so-called, an electronic meeting or television 
meeting system, has become increasingly popular. 
Such a meeting system utilizes a LAN provided in an 
office and a public circuit to exchange signals from a 
television camera for picking up images of men or arti- 

45 cles, a document image, or signals from an image scan- 
ner between meeting rooms at remote locations. In gen- 
eral, a plurality of electronic meeting rooms are connect- 
ed to the LAN provided in the office, and information is 
transmitted through a public circuit network. Therefore, 

so in order to prevent a meeting from being intercepted by 
another meeting room or to prevent information being 
tapped by a third party, information must be encrypted. 
Figs. 6A and 6B are schematic block diagrams of the 
meeting system of this embodiment. In Figs. 6 A and 6B, 

55 reference numeral 5 denotes a first office in a given en- 
terprise; and 6, a second office of the given enterprise. 
These two offices are connected through a public circuit 
7. 
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In the first office 5, reference numeral 51 denotes a 
first meeting room A of the office 5; 52 and 53, second 
and third meeting rooms C and D of this office; 511 to 
515, devices equipped in the meeting room A (reference 
numeral 511 denotes a controller; 512, a display; 513, 
a document presentation CRT; 514, a television camera; 
and 51 5, an image scanner); 551 to 555, nodes; 561 , a 
transmission line of the LAN; and 562, a transmission 
path branching from the LAN. These transmission lines 
comprise coaxial cables or optical fiber cables. 

In the second office 6, meeting rooms B 61 and E 
62, nodes 651 to 655, an interface 64, and transmission 
paths 661 and 662 which are the same as those in the 
office 5 are equipped. 

Figs. 7 and 8 show schematic arrangements of 
communication interfaces for executing encryption of 
the respective devices excluding the controllers 
equipped in the meeting rooms shown in Figs. 6A and 
6B in the meeting system of this embodiment with the 
above arrangement. 

Fig. 7 is a diagram of an interface for a transmitting 
equipment such as the television camera, the image 
scanner, or the like for transmitting information, and Fig. 
6 is a diagram of an interface for a receiving equipment 
such as the display, the CRT, or the like for receiving 
information. 

In Figs. 7 and 8, reference numerals 71 and 81 de- 
note these information equipments; 72 and 82, clock ex- 
traction circuits for extracting clock components from in- 
formation signals; 73 and 83; pseudo random number 
generators; 74 and 84, control circuits for controlling 
synchronization of communications, generation of 
pseudo random numbers, automatic operations of the 
information equipments, and the like; 75 and 85, EX-OR 
gates for logically EX-ORing signals; and 76 and 86, 
transmission/reception circuits for transmitting/receiv- 
ing signals onto/from transmission lines. 

The operation of this embodiment with the above 
arrangement will be described below. In the following 
description, a case will be exemplified below wherein a 
meeting is performed between the meeting rooms A 51 
and B 61. The meeting rooms 52, 53, 62, and the like 
have the same functions as those of these meeting 
rooms, and the same operations are performed among 
other meeting rooms, as a matter of course. 

Assume that the controllers of the meeting rooms, 
e.g., the controllers 511 and 611 have an information 
encryption function by the public-key cryptosystem de- 
scribed in the first embodiment. 

The controller 511 of the meeting room 51 deter- 
mines a data key for the secret-key cryptosystem for the 
equipments in the meeting rooms 51 and 61 prior to the 
meeting between the meeting rooms 51 and 61. The 
controller 511 encrypts data key by the same public-key 
system as in the first embodiment, and transmits it to 
the controller 611 of the meeting room 61. The controller 
51 1 then transmits the data key to the control circuits 74 
and 84 of all the equipments in the meeting room 51, 



thereby setting up encryption communication interfaces 
of these equipments. 

The controller 611 similarly transmits the data key 
to the controllers of the equipments in the meeting room 
5 61 , thereby setting up the interfaces. 

Thereafter, the respective equipments are synchro- 
nized using synchronization signals therefrom, and a 
communication is started. 

In this state, information from each transmitting 
io equipment is logically EX-ORed with a pseudo random 
number string based on the predetermined data key so 
as to be encrypted, and the encrypted information is 
transmitted. Each receiving equipment decrypts the sig- 
nal using the same pseudo random number string, and 
is receives it. Encryption/decryption during these opera- 
tions are performed in the same manner as in the first 
embodiment described above. 

When the electronic meeting is performed in this 
manner, it can be prevented from being intercepted 
from, e.g., the meeting room C 52 or D 53. 

The information can also be prevented from being 
tapped by a third party during transmission along the 
public circuit. 

The first and second embodiments of the present 
invention have been described in detail. However, the 
application range of the present invention is not limited 
to these embodiments. 

More specifically, in multimedia networks for trans- 
mitting real-time communication type information which 
must be encrypted in real time, and storage type infor- 
mation which requires safety-guaranteed encryption 
and certification of an information source via the same 
medium, the present invention is applicable to various 
other systems, and does not depend on network sys- 
tems, and kinds of terminals. 

As described above, according to the present in- 
vention, in a multimedia network for communicating re- 
al-time time communication type information and stor- 
age type information, the real-time communication type 
information is encrypted by the secret-key system, and 
the storage type information is encrypted by the public- 
key system. In addition, a data key in the secret-key sys- 
tem is encrypted by the public-key system, and the en- 
crypted key is transmitted. 

For this reason, in particular, real-time communica- 
tion type information can be encrypted more safely at 
higher speed. 

Since a means for measuring an operation time of 
secret-key encryption device is arranged, charge infor- 
mation for the transmitted information can be acquired 
by a simple device. 

As many apparently widely different embodiments 
of the present invention can be made without departing 
from the scope thereof, it is to be understood that the 
invention is not limited to the specific embodiments 
thereof except as defined in the appended claims. 
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Claims 

1. A multimedia network system for transmitting real- 
time data such as a television video signal and 
stored data such as a computer file using at least 
one transmission path, comprising: 

a transmitting terminal (1) comprising 

a secret-key encryption means (108, 109, 110; 
72, 73, 75) for encrypting the real-time data by 
a secret-key system in which data transmitting 
terminals and data receiving terminals both 
know the secret-key used for encryption and 
decryption of transmitted data; 
a public-key encryption means (103) for en- 
crypting the stored data by a public-key system 
in which the encryption key of each terminal is 
commonly accessible but the decryption key of 
each terminal is held private by each corre- 
sponding terminal; and 

a first secret-key control means (101, DATA 
KEY; 74) for causing said secret-key encryption 
means to change the secret-key, 

characterized in that 

said first secret-key control means causes 
said public-key encryption means to encrypt and 
transmit the changed secret-key, and causes said 
secret-key encryption means to change the secret- 
key in response to the reception of a data transmis- 
sion request from a receiving terminal each time 
such a data transmission request is received. 

2. A multimedia network system for transmitting real- 
time data such as a television video signal and 
stored data such as a computer file using at least 
one transmission path, comprising: 

a receiving terminal (2) comprising 

a secret-key decryption means (208, 209; 82, 
83, 85) for decrypting the real-time data by a 
secret- key system in which data transmitting 
terminals and data receiving terminals both 
know the secret-key used for encryption and 
decryption of transmitted data; 
a public-key decryption means (204) for de- 
crypting the stored data by a public-key system 
in which the encryption key of each terminal is 
commonly accessible but the decryption key of 
each terminal is held private by each corre- 
sponding terminal; and 

a second secret-key control means (201 , DATA 
KEY; 84) for causing said secret-key decryption 
means to change the secret-key, 

characterized in that 

said receiving terminal (2) further comprises re- 



quest transmission means (201, 202, 203, 212) 
for transmitting a data transmission request to 
a transmitting terminal, and 
said second secret-key control means causes 

5 said secret-key decryption means to change 

the secret-key in response to the reception of 
a new secret-key from a transmitting terminal 
each time such a new secret-key is received in 
response to the transmission of such a data 

10 transmission request from the receiving termi- 

nal. 

3. A multimedia network system for transmitting real- 
time data such as a television video signal and 
is stored data such as a computer file using at least 
one transmission path, comprising: 
a transmitting terminal (1) comprising 

a secret-key encryption means (108, 109; 72, 
20 73, 75) for encrypting the real-time data by a 

secret-key system in which data transmitting 
terminals and data receiving terminals both 
know the secret-key used for encryption and 
decryption of transmitted data; 
2S a public-key encryption means (103) for en- 

crypting the stored data by a public-key system 
in which the encryption key of each terminal is 
commonly accessible but the decryption key of 
each terminal is held private by each corre- 
30 sponding terminal; and 

a first secret-key control means (101, DATA 
KEY; 74) for causing said secret-key encryption 
means to change the secret-key; and 

35 a receiving terminal (2) comprising 

a secret-key decryption means (208, 209; 82, 
83, B5) for decrypting the real-time data by a 
secret- key system in which data transmitting 

40 terminals and data receiving terminals both 

know the secret-key used for encryption and 
decryption of transmitted data; 
a public-key decryption means (204) for de- 
crypting the stored data by a public-key system 

45 jn which the encryption key of each terminal is 

commonly accessible but the decryption key of 
each terminal is held private by each corre- 
sponding terminal; and 

a second secret-key control means (201 , DATA 
50 KEY; 84) for causing said secret-key decryption 

means to change the secret-key, 

characterized in that 

55 said receiving terminal further comprises re- 

quest transmission means (201, 202, 203, 
2012) for transmitting a data transmission re- 
quest to a transmitting terminal, and 
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said first secret-key control means causes said 
public-key encryption means to encrypt and 
transmit the changed secret-key and causes 
said secret-key encryption means to change 
the secret-key in response to the reception of 5 
a data transmission request from a receiving 
terminal each time such a data transmission re- 
quest is received, and 

said second secret-key control means causes 
said secret-key decryption means to change 10 
the secret-key in response to the reception of 
a new secret-key from a transmitting terminal 
each time such a new secret-key is received in 
response to the transmission of such a data 
transmission request from the receiving termi- fs 
nal. 

The system according to claim 3, 
characterized in that 

said transmitting terminal for performing encryption 20 
using the secret-key by said secret-key encryption 
means or said receiving terminal for performing de- 
cryption using the secret-key by said secret-key de- 
cryption means further comprises time measure- 
ment means (1 07, 1 08; 207, 208) for measuring an 25 
encryption or decryption time, and charge means 
(111; 211) for calculating charge information in ac- 
cordance with a transmission or reception time of 
information measured by said time measurement 
means. 30 

The system according to claim 3, 
characterized in that 

a file for ordering information from said receiving 
terminal to said transmitting terminal, and the real- 35 
time data transmitted from said transmitting termi- 
nal to said receiving terminal in accordance with the 
file are encrypted using the secret-key by said se- 
cret-key encryption means, and a reception confir- 
mation file for the real-time data, which file is trans- 40 
mitted from said receiving terminal to said transmit- 
ting terminal, and a charge demand file from said 
transmitting terminal to said receiving terminal are 
encrypted by said public-key encryption means, 
and are decrypted by the decryption key inherent to 45 
said receiving terminal. 

The system according to claim 5, 
characterized in that 

said public-key encryption means of said transmit- so 
ting terminal encrypts real-time data by logically EX- 
ORing a real-time data string and a pseudo random 
number string generated based on the stored data 
encryption key, and transmits the encrypted real- 
time data. ss 

The system according to claim 5, 
characterized in that 



said public-key encryption means of said receiving 
terminal decrypts real-time data by logically EX- 
ORing a received real-time data string and a pseu- 
do random number string generated based on the 
stored data encryption key. 

8. The system according to claim 5, 
characterized in that 

said transmitting terminal further comprises 
digital signature means (102) for putting a dig- 
ital signature for certifying a transmission 
source simultaneously with encryption when 
files are transmitted, and 
said receiving terminal further comprises con- 
firmation means (205) for confirming the digital 
signature. 

9. A data communication method for transmitting data 
from a transmitting terminal to a receiving terminal 
in a network system, wherein each of the transmit- 
ting and the receiving terminals comprise a secret- 
key encryption unit and a sec ret- key decryption unit 
each for encrypting and decrypting data by a secret- 
key system in which only transmitting and receiving 
terminals know the secret-key used for encryption 
and decryption of transmitted data and comprising 
a public-key encryption unit and a public-key de- 
cryption unit for encrypting and decrypting data by 
a public-key system in which the encryption key of 
each terminal is commonly accessible but the de- 
cryption key of each terminal is held private by each 
corresponding terminal, said method comprising 
the steps of: ' 

requesting data transmission from the receiv- 
ing terminal to the transmitting terminal; 
encrypting, a secret-key of the secret-key en- 
cryption unit in the transmitting terminal, by the 
public-key encryption unit in the transmitting 
terminal; 

transmitting the encrypted secret-key from the 
transmitting terminal to the receiving terminal; 
decrypting the encrypted secret-key by the 
public-key decryption unit and setting secret- 
key in the secret-key encryption unit in the re- 
ceiving terminal; 

encrypting a requested data by the secret-key 
encryption. unit in the transmitting terminal; 
transmitting the requested and encrypted data 
from the transmitting terminal to the receiving 
terminal; 

decrypting the transmitted data by the secret- 
key decryption unit in the receiving terminal; 

wherein 

the secret-key encryption unit of the transmit- 
ting terminal changes the secret-key each time a 
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request of data transmission is received from the 
receiving terminal. 



Patentanspruche s 

1 . Multimedianetzwerksystem zur Sendung von Echt- 
zeitdaten, beispielsweise eines Fernsehvideosi- 
gnals, und gespeicherter Daten, beispielsweise ei- 
ner Compute rdatei, unter Verwendung wenigstens fo 
eines Ubertragungsweges, mit: 
einer Sendestation (1) mit 

einem Geheimccdeverschlusselungsmittel 
(108, 109, 110; 72, 73, 75)zur Verschlusselung is 
der Echtzeitdaten durch ein Geheimcodesy- 
stem, bei dem Datensende- und Datenemp- 
fangsstationen beide den Geheimcode ken- 
nen, der zur Verschlusselung und zur Ent- 
schiusselung von gesendeten Daten benutzt 20 
wird; 

einem Verschlusselungsmittel mit offentlichem 
Code (103) zur Verschlusselung der Speicher- 
daten durch ein System mit offentlichem Code, 
bei dem der Verschlusselungscode einer jeden 25 
Station gemeinschaftlich zuganglich ist, jedoch 
der Verschlusselungscode einer jeden Station 
im engen Kreis einer jeden zugehorigen Station 
gehalten wird; und 3. 
einem ersten Geheimcode- Steuermittel (101, 30 
DATA KEY; 74) zur Veranlassung des Geheim- 
codeverschlusselungsmittels zur Anderung 
des Geheimcodes, 

dadurch gekennzeichnet, daB 35 

das erste Geheimcodesteuermittel das Ver- 
schlusselungsmittel mit offentlichem Code zur Ver- 
schlusselung und Sendung des geanderten Ge- 
heimcodes veranlaBt und das Geheimcodever- 
schlusselungsmittel zur Anderung des Geheimco- 40 
des abhangig vom Empfang von einer Datensende- 
anfordrung aus einer Empfangsstation bei jeder 
empfangenen Datensendeanforderung veranlaBt. 



Multimedianetzwerksystem zur Sendung von Echt- 
zeitdaten, beispielsweise eines Fernsehvideosi- 
gnals, und gespeicherter Daten, beispielsweise ei- 
ner Computerdatei, unter Verwendung wenigstens 
eines Ubertragungsweges, mit: 
einer Empfangsstation (2) mit 



45 



so 



einem Geheimcodeverschlusselungsmittel 
(208, 209; 82, B3, 85) zur Verschlusselung der 
Echtzeitdaten durch ein Geheimcodesystem, 
bei dem Datensendestationen und Datenemp- 55 
fangsstationen beide den zur Verschlusselung 
und Entschiusselung der gesendeten Daten 
verwendeten Geheimcode kennen; 



einem Verschlusselungsmittel (204) fur offent- 
lichen Code zur Verschlusselung der gespei- 
cherten Daten durch ein System mit offentli- 
chem Code, bei dem der Verschlusselungsco- 
de einer jeden Station gemeinschaftlich zu- 
ganglich ist, jedoch der Verschlusselungscode 
einer jeden Station von jeder zugehorigen Sta- 
tion im engen Kreis gehalten wird; und 
einem zweiten Geheimcodesteuermittel (201, 
DATA KEY; 84) zur Veranlassung des Geheim- 
codeverschlusselungsmittels zur Anderung 
des Geheimcodes, 

dadurch gekennzeichnet, daB 

die Empfangsstation (2) des weiteren ausge- 
stattet ist mit Sendeanforderungsmitteln (201, 
202, 203, 21 2) zur Sendung einer Datensende- 
anforderung an eine Sendestation, und 
das zweite Geheimcodesteuermittel die Ge- 
heimcodeverschlusselungsmittel zur Ande- 
rung des Geheimcodes abhangig vom Emp- 
fang eines neuen Geheimcodes aus einer Sen- 
destation jedesmal veranlaBt, wenn ein neuer 
Geheimcode abhangig von der Sendung einer 
solchen Datensendeanforderung aus der Emp- 
fangsstation empfangen wird. 

Multimedianetzwerksystem zur Sendung von Echt- 
zeitdaten, beispielsweise eines Fernsehvideosi- 
gnals, und gespeicherter Daten, beispielsweise ei- 
ner Computerdatei, unter Verwendung wenigstens 
eines Ubertragungsweges, mit: 
einer Sendestation (1) mit 

einem Geheimcodeverschlusselungsmittet 
(108, 109, 72, 73, 75) zur Verschlusselung der 
Echtzeitdaten mit einem Geheimcodesystem, 
bei dem Datensendestationen und Datenemp- 
fangsstationen beide den der Verschlusselung 
und Entschiusselung der ubertragenen Daten 
dienenden Geheimcode kennen; 
einem Verschlusselungsmittel (103) fur offent- 
lichen Code zur Verschlusselung der gespei- 
cherten Daten durch ein System mit offentli- 
chen Code, bei dem der Verschlusselungscode 
einer jeden Station gemeinschaftlich zugang- 
lich ist, aber der Verschlusselungscode einer 
jeden Station von jeder zugehorigen Station im 
engen Kreis gehalten wird; und 
einem ersten Geheimcodesteuermittel (101, 
DATA KEY; 74), urn die Geheimcodeverschlus- 
selungsmittel zur Anderung des Geheimcodes 
zu veranlassen; und 

einer Empfangsstation (2) mit 

einem Geheimcodeverschlusselungsmittel 
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(208, 209; 82, 83, 85) zur Verschlusselung der 
Echtzeitdaten durch ein Geheimcodesystem, 
bei dem Datensendestationen und Datenemp- 
fangsstationen beide den der Verschlusselung 
und Entschlusselung der gesendeten Daten s 
dienenden Geheimcode kennen; 
einem Verschlusselungsmittel (204) mit offent- 
lichem Code zur Verschlusselung der gespei- 
cherten Daten durch ein System mit offentli- 
chem Code, bei dem der Verschlusselungsco- 10 
de einer jeden Station gemeinschaftlich zu- 
ganglich ist, jedoch der Verschlusselungscode 
einer jeden Station von jeder zugehorigen Sta- 
tion im engen Kreis gehalten wird; 
einem zweiten Geheimcodesteuermittel (201, is 
DATA KEY; 84) zur Veranlassung des Geheim- 
codeverschlusselungsmittels, den Geheim- 
code zu andem, 

dadurch gekennzeichnet, daB 20 

die Empfangsstation des weiteren ausgestattet 
ist mit Sendeanforderungsmitteln (201, 202, 
203, 2012) zur Sendung einer Datensendean- 
forderung an eine Sendestation, und daB 25 
das erste Geheimcodesteuermittel das Ver- 
schlusselungsmittel mit offentlichem Code zur 
Verschlusselung und Sendung des geanderten 
Geheimcodes veranlaBt und das Geheimcode- 
verschlusselungsmittel zur Sendung der Anfor- 30 
derung aus einer Empfangsstation bei jedem 
Empfang einer Datensendeanforderung veran- 
laBt, und daB 

das zweite Geheimsteuermittel das Geheim- 
codesteuermittel zur Anderung des Geheimco- 35 
des abhangig vom Empfang eines neuen Ge- 
heimcodes aus einer Sendestation veranlaBt, 
immer wenn ein neuer Geheimcode abhangig 
von der Sendung einer solchen Datensendean- 
forderung von der Empfangsstation empfan- 40 
gen wird. 

4. System nach Anspruch 3, 
dadurch gekennzeichnet, daB 

45 

die Sendestation zur Ausfuhrung der Ver- 
schlusselung unter Verwendung des Geheim- 
codes durch das Geheimcodeverschlusse- 
lungsmittel oder die Empfangsstation zur Aus- 
fuhrung der Entschlusselung unter Verwen- so 
dung des Geheimcodes durch das Geheim- 
codeentschlusselungsmittel des weiteren aus- 
gestattet ist mit 

ZeitmeBmitteln (107, 108; 207, 208) zur Mes- 
sung einer Verschlusselungs- oder Entschlus- ss 
selungszeit, Gebuhrenmitteln (111; 211) zur Er- 
rechnung der Gebuhreninformation gemaB ei- 
ner von den ZeitmeBmitteln gemessenen Sen- 



ds- oder Empfangszeit der Information. 

5. System nach Anspruch 3, 
dadurch gekennzeichnet, daB 

eine Datei zur Informationsanforderung aus 
der Empfangsstation an die Sendestation und zur 
Anforderung der Echtzeitdaten, die aus der Sende- 
station an die Empfangsstation gemaB der Datei 
unter Verwendung des vom Geheimcodeverschlus- 
selungsmittel verschlusselten Geheimcodes ge- 
sendet werden, und einer Empfangsbestatigungs- 
datei fur von der Empfangsstation an die Sendesta- 
tion gesendete Echtzeitdaten, wobei eine Gebuh- 
renforderungsdatei aus der Sendestation an die 
Empfangsstation von den Verschlusselungsmitteln 
fur offentlichen Code verschlusselt und mit dem der 
Empfangsstation eigenen Entschlusselungscode 
entschlusselt wird. 

6. System nach Anspruch 5, 
dadurch gekennzeichnet, daB 

das Verschlusselungsmittel mit offentlichem 
Code der Sendestation die Echtzeitdaten durch lo- 
gisches EX- ODERn einer Echtzeitdaten kette mit 
einer auf der Grundlage des gespeicherten Daten- 
verschlusselungscodes erzeugten Pseudozufalls- 
zahlenkette verschlusselt und die verschlusselten 
Echtzeitdaten sendet. 

7. System nach Anspruch 5, 
dadurch gekennzeichnet, daB 

das Verschlusselungsmittel mit offentlichem 
Code der Empfangsstation Echtzeitdaten durch lo- 
gisches EX- ODERn einer empfangenen Echtzeit- 
datenkette mit einer auf der Grundlage des gespei- 
cherten Datenverschlusselungscode erzeugten 
Pseudozufallszahlenkette verschlusselt. 

8. System nach Anspruch 5, 
dadurch gekennzeichnet, daB 

die Sendestation des weiteren ausgestattet 
ist mit digitalen Unterschriftsmitteln (102) zur Gabe 
einer digitalen Unterschrift, urn eine Sendequelle 
gleichzeitig mit der Verschlusselung bei Sendung 
von Dateien zu sichern, und daB die Empfangssta- 
tion des weiteren Bestatigungsmittel (205) zur Be- 
statigung der digitalen Unterschrift enthalt. 

9. Daten ubertragungsverfahren zur Datensendung 
aus einer Sendestation an eine Empfangsstation in 
ein Netzwerksystem, wobei jede der Sende- und 
Empfangsstationen eine Geheimcodeverschlusse- 
lungseinheit und eine Geheimcodeentschlusse- 
lungseinheit zur Verschlusselung und Entschlusse- 
lung von Daten durch ein Geheimcodesystem be- 
sitzt, bei dem nur Sende- und Empfangsstationen 
den Geheimcode kennen, der zur Ver- und Ent- 
schlusselung der gesendeten Daten dient und aus- 
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gestattet ist mit einer Verschlusselungseinheit mit 
offentlichem Code und einer Entschlusselungsein- 
heit mit offentlichem Code zur Verschlusselung und 
Entschlusselung der Daten durch ein System mit of- 
fentlichem Code, bei dem der Verschlusselungsco- 
de einer jeden Station gemeinschaftiich zuganglich 
ist, aberder Verschlusselungscode einer jeden Sta- 
tion von der zugehdrigen Station im engen Kreis ge- 
halten wird, mit den Verfahrensschritten: 

Datensendeanforderung von der Empfangs- 
station an die Sendestation; 
Verschlusselung eines Geheimcodes der Ge- 
heimcodeverschlusselungseinheit in der Sen- 
destation durch eine Verschlusselungseinheit 
mit offentlichem Code-in der Sendestation; 
Senden des verschlusselten Geheimcodes von 
der Sendestation an die Empfangsstation; 
Entschlusseln des verschlusselten Geheimco- 
des mit der Entschlusselungseinheit fur offent- 
lichen Code und Einsetzen des Geheimcodes 
in die Geheimcodeverschlusselungseinheit in 
der Empfangsstation; 

Verschlusseln angeforderter Daten durch die 
Geheimverschlusselungseinheit in der Sende- 
station; 

Senden derangeforderten und verschlusselten 
Daten aus der Sendestation an die Empfangs- 
station; 

Entschlusseln der gesendeten Daten durch die 
Geheimcodeentschlusselungseinheit in der 
Empfangsstation; wobei 
die Geheimcodeverschlusselungseinheit der 
Sendestation den Geheimcode bei jeder von 
der Empfangsstation empfangenen Datensen- 
deanforderung andert. 



Revendications 

1. Systeme de reseau multimedia pour transmettre 
des donnees en temps reel, comme un signal video 
de television, et des donnees enregistrees telles 
qu'un fichier informatique, en utilisant au moins une 
voie de transmission, comprenant : 
un terminal emetteur (1 ) comprenant 

des moyens de cryptage a cie secrete (108, 
109, 110; 72, 73, 75) pour crypter les donnees 
en temps reel par un systeme a cle secrete 
dans lequel des terminaux emetteurs de don- 
nees ainsi que des terminaux r6cepteurs de 
donnees connaissent la cie secrete qui est uti- 
lised pour le cryptage et decryptage de don- 
nees emises; 

des moyens de cryptage a cie publique (103) 
pour crypter les donn6es enregistrees au 
moyen d'un systeme a cle publique dans lequel 



la cle de cryptage de chaque terminal est ac- 
cessible de facon commune, mais la cle de de- 
cryptage de chaque terminal est gardee privee 
par chaque terminal correspondant; et 
5 des premiers moyens de commande de cle" se- 

crete (101 , DATA KEY; 74) pour faire en sorte 
que les moyens de cryptage a cle secrete chan- 
gent la cle secrete, 

10 caracterise en ce que 

les premiers moyens de commande de cle se- 
crete font en sorte que les moyens de cryptage a 
cie publique cryptent et 6mettent la cie secrete 
changee, et ils font en sorte que les moyens de 

is cryptage a cie secrete changent la cle secrete sous 
I'effet de la reception d'une demande d'emission de 
donn6es provenant d'un terminal recepteur, chaque 
fois qu'une telle demande demission de donnees 
est recue. 

20 

2. Systeme de reseau multimedia pour transmettre 
des donnees en temps reel, comme un signal video 
de television, et des donnees enregistrees telles 
qu'un fichier informatique, en utilisant au moins une 
25 voie de transmission, comprenant : 
un terminal r6cepteur(2) comprenant 

des moyens de decryptage a cle secrete (208, 
209; 82, 83, 85) pour decrypter les donnees en 

30 temps r6el par un systeme a cie secrete, dans 

lequel des terminaux emetteurs de donnees 
ainsi que des terminaux recepteurs de donnees 
connaissent la cle secrete qui est utilisee pour 
le cryptage et le decryptage de donn6es 6mi- 

35 ses; 

des moyens de decryptage a cl6 publique (204) 
pour decrypter les donnees enregistrees au 
moyen d'un systeme a cl6 publique dans lequel 
la cl6 de cryptage de chaque terminal est ac- 

40 cessible de facon commune, mais la cle de de- 

cryptage de chaque terminal est gardee privee 
par chaque terminal correspondant; et 
des seconds moyens de commande de cl6 se- 
crete (201, DATA KEY; 84) pour faire en sorte 

45 que les moyens de decryptage a cle secrete 

changent la cle" secrete, 

caracterise en ce que 

50 (e terminal recepteur (2) comprend.en outre des 

moyens d'emission de demande (201, 202, 
203, 212) pour emettre une demande d'emis- 
sion de donnees vers un terminal 6metteur, et 
les seconds moyens de commande de cle se- 

55 crete font en sorte que les moyens de decryp- 

tage a cie secrete changent la cie secrete sous 
I'effet de la reception d'une nouvelle cle secrete 
a partir d'un terminal emetteur, chaque fois 
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qu'une telle nouvelle cle secrete est recue sous 
I'effet de remission d'une telle demande 
d'emission de donnees a partir du terminal re- 
cepteur. 

5 

3. Systeme de reseau multimedia pour transmettre 
des donnees en temps reel, comme un signal video 
de television, et des donnees en registries telles 
qu'un fichier informatique, en utilisant au moins une 
voie de transmission, comprenant : io 
un terminal emetteu r (1 ) comprenant 

des moyens de cryptage a cle secrete (10B, 
109; 72, 73, 75) pour crypter les donnees en 
temps reel par un systeme a cle secrete dans is 
lequel des terminaux emetteurs de donnees 
ainsi que des terminaux recepteurs de donnees 
connaissent la cie secrete qui est utilised pour 
le cryptage et decryptage de donnees emises; 
des moyens de cryptage a cle publique (103) 20 
pour crypter les donnees enregistrees au 
moyen d'un systeme a cle publique dans lequel 
la cle de cryptage de chaque terminal est ac- 
cessible de facon commune, mais la cle de de- 
cryptage de chaque terminal est gardee priv6e 25 
par chaque terminal correspondant; et 
des premiers moyens de commande de cle se- 
crete (101, DATA KEY; 74) pour faire en sorte 
que les moyens de cryptage a cle secrete chan- 
gent la cle secrete: et 30 

un terminal recepteur(2) comprenant 

des moyens de decryptage a cle secrete (208, 
209; 82, 83, 85) pour decrypter les donnees en 35 
temps reel par un systeme a cie secrete, dans 
lequel des terminaux emetteurs de donnees 
ainsi que des terminaux recepteurs de donnees 
connaissent la cie secrete qui est utilised pour 
le cryptage et le decryptage de donnees emi- 40 
ses; 

des moyens de decryptage a cle publique (204) 
pour decrypter les donnees enregistrees au 
moyen d'un systeme a cl6 publique dans lequel 
la cle de cryptage de chaque terminal est ac- 45 
cessible de facon commune, mais la cle de de- 
cryptage de chaque terminal est gardee privee 
par chaque terminal correspondant; et 
des seconds moyens de commande de cle se- 
crete (201 , DATA KEY; 84) pour faire en sorte so 
que les moyens de decryptage a cle secrete 
changent la cle secrete, 

caracterise en ce que 

55 

le terminal recepteur comprend en outre des 
moyens d'emission de demande (201, 202, 
203, 212) pour emettre une demande d'emis- 



sion de donnees vers un terminal emetteur, et 
les premiers moyens de commande de cle se- 
crete font en sorte que les moyens de cryptage 
a cie publique cryptent et emettent la cie secre- 
te chang6e, et ils font en sorte que les moyens 
de cryptage a cle secrete changent la cle se- 
crete sous I'effet de la reception d'une deman- 
de d'emission de donnees provenant d'un ter- 
minal recepteur, chaque fois qu'une telle de- 
mande d'emission de donnees est regue, et 
les seconds moyens de commande de cle se- 
crete font en sorte que les moyens de decryp- 
tage a cie secrete changent la cle" secrete sous 
I'effet de la reception d'une nouvelle cle secrete 
provenant d'un terminal emetteur, chaque fois 
qu'une telle nouvelle cle secrete est recue sous 
I'effet de remission d'une telle demande 
d'emission de donnees par le terminal r6cep- 
teur. 

4. Systeme selon la revendication 3, 
caracterise en ce que 

le terminal emetteur pour effectuer un cryptage par 
les moyens de cryptage a cle secrete, en utilisant 
la cie secrete, ou le terminal recepteur pour effec- 
tuer un decryptage par les moyens de decryptage 
a cle secrete, en utilisant la cle secrete, comprend 
en outre des moyens de mesure de temps (107, 
1 08; 207, 208) pour mesurer une duree de cryptage 
ou de decryptage, et des moyens de taxation (111; 
211 ) pour calculer une information de taxation con- 
formement a une duree d'emission ou de reception 
d'information qui est mesuree par les moyens de 
mesure de temps. 

5. Systeme selon la revendication 3, 
caracterise en ce que 

un fichier pour demander de reformation au termi- 
nal emetteur, a partir du terminal recepteur, et les 
donnees en temps reel qui sont 6mises par le ter- 
minal emetteur vers le terminal recepteur confor- 
mement au fichier, sont cryptes par les moyens de 
cryptage a cle secrete en utilisant la cie secrete, et 
un fichier de confirmation de reception pour les don- 
nees en temps reel, qui est emis par le terminal re- 
cepteur vers le terminal emetteur, et un fichier de 
demande de taxe qui est emis par le terminal emet- 
teur vers le terminal recepteur, sont cryptes par les 
moyens de cryptage a cie publique, et sont decryp- 
tes avec la cle de decryptage qui est inherente au 
terminal recepteur. 

6. Systeme selon la revendication 5, 
caracterise en ce que 

les moyens de cryptage a cie publique du terminal 
emetteur cryptent des donnees en temps reel en 
effectuant une combinaison logique OU-EXCLUSIF 
d'une chaine de donnees en temps reel et d'une 
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chains de nombre pseudo-aleatoire qui est gene- 
ree sur la base de la cle de cryptage de donnees 
enregistree, et ils emettent les donnees en temps 
reel cryptees. 

5 

7. Systeme selon la revendication 5, 
caracterise en ce que 

les moyens de cryptage a cie publique du terminal 
recepteur decryptent des donnees en temps reel en 
combinant par une fonction logique OU-EXCLUSIF 10 
une chaine de donnees en temps reel qui est recue 
et une chaine de nombre pseudo-aleatoire qui est 
generee sur la base de la cle de cryptage de don- 
nees enregistree. 

15 

8. Le systeme selon la revendication 5, 
caracterise en ce que 

le terminal emetteur comprend en outre des 
moyens de signature numerique (1 02) destines 20 
a introduce une signature numerique pour cer- 
tifier une source demission, simultanement au 
cryptage lorsque des fichiers sont emis, et 
le terminal recepteur comprend en outre des 
moyens de confirmation (205) pour confirmer 25 
la signature numerique. 



nal recepteur; 

I'unite de cryptage a cle secrete dans le termi- 
nal emetteur crypte des donnees demandees; 
le terminal emetteur 6met vers le terminal re- 
cepteur les donnees demandees et cryptees; 
I'unite de decryptage a cle secrete dans le ter- 
minal recepteur decrypte les donnees emises; 

dans lequel 

I'unite de cryptage a cle secrete du terminal 
emetteur change la cle secrete chaque fois qu'une 
demande d'emission de donnees est recue a partir 
du terminal recepteur. 



9. Precede de transmission de donnees pour emettre 
des donnees d'un terminal emetteur vers un termi- 
nal recepteur dans un systeme de reseau, dans le- 30 
quel chacun des terminaux emetteur et recepteur 
comprend une unite de cryptage a cle secrete et 
une unite de decryptage a cle secrete, chacune d'el- 
les etant destined a crypter et a decrypter des don- 
nees au moyen d'un systeme a cie secrete dans le- 35 
quel seuls les terminaux emetteur et recepteur con- 
naissent la cle secrete qui est utilisee pour le cryp- 
tage et le decryptage de donnees emises, et com- 
prend une unite de cryptage a cle publique et une 
unite de decryptage a cle publique pour crypter et 40 
decrypter des donnees au moyen d'un systeme a 
cle publique dans lequel la cle de cryptage de cha- 
que terminal est accessible de facon commune, 
mais la cle* de decryptage de chaque terminal est 
gardee privee par chaque terminal correspondant, 4$ 
ce procede comprenant les etapes suivantes : 

le terminal recepteur demande une emission 

de donnees au terminal emetteur; 

I'unite de cryptage a cle publique dans le termi- so 

nal emetteur crypte une cle secrete de I'unite 

de cryptage a cie secrete dans le terminal 

emetteur; 

le terminal emetteur emet vers le terminal re- 
cepteur la cie secrete cryptee; 55 
I'unite de decryptage a cie publique decrypte la 
cie secrete cryptee et place la cie secrete dans 
I'unite de cryptage a cie secrete dans le termi- 
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